I am trying to estimate whether it is realistic for me to change the IP of a mail server overnight or will this mess with people retrieving their messages the day after. Basically, the facility where the mail server is will be changing its IP pool and this forces me to have to change the A and MX record for the mail server. Since I am not changing the DNS server itself (not moving the records to a different authoritative server), will the change be near instantaneous or will it still take up to 48 hours because of caching on different non authoritative DNS servers that may have queried recently?
Thanks for any insight,
M
asked Jul 24, 2011 at 0:36
Manca Weeks
Every DNS resource record is cached; whether the DNS server itself is moving or not is immaterial. As Yahia said, how long the record is cached is determined by the TTL of the record. Before performing a DNS change, it is common practice to lower the TTL from its regular value (a day or more, typically) down to something really small, like 5 minutes.
Complicating this procedure is the fact that some badly-behaved DNS caching resolvers ignore the specified TTL and substitute their own values. (The people running these systems need to die in a fire, and if I ever get elected Grand overlord of The Internet, they will). As such, if it's an important system or one used by people outside your direct control, you would be well advised to set up DNAT rules on the system being migrated away from to redirect traffic that does get sent to the previous IP address to the new one.
answered Jul 24, 2011 at 0:57
womble♦
Do you already know the new IP address? If so, you're in luck! Set up a new A record, subdomain for your domain, pointing to the new IP, then add that as an extra MX record; set the priority higher on the new one than the old MX record. Do this a couple of days before the new IP is supposed to be activated. After the new IP address is active, remove the old MX record, leaving the new MX record. Remember to update your SOA serial each time you make edits.
Here's an article outlining failover/backup MX records: http://www.zytrax.com/books/dns/ch9/mail.html
answered Jul 24, 2011 at 0:59
laebshade
The most important setting in your scenario is the TTL of the respective DNS records.
The lower the TTL is set the better - you usually won't get to "instantaneous" because of all the DNS servers out there which have diverse caching behaviours but the lower the TTL is set the better your results will be...
answered Jul 24, 2011 at 0:41
Yahia
Changes to DNS should be relatively instantaneous on your authoritative servers. However, due to DNS caching it will take a while for the changes to get out to clients. This will be more of a problem for frequent clients than occasional clients. You can work around this by pre-populating your data.
The various answers already posted cover everything you need to worry about.
- Set the TTL to a low value, say 1H, a few days before the change. Try to do this at least the current TTL before the change; 2 times TTL would be better.
- Add two new A records for the mail server using the old and new addresses. Create an MX record for each of these giving highest priority to the old server address. Remove the MX for the old address as soon as you cut over. Set the priority on both these records lower than the existing record. (Sending servers shouldn't check the name your banner uses.)
- Add a new A record for the mail server with its current name, and get the PTR record set up for the new address. The A record will return both addresses. This will allow rDNS validation to work for either address. (Many receiving servers care about this and may refuse messages or classify them as spam if rDNS fails.)
You are now ready for the cut-over to the new address. After the cutover you can clean up.
- Remove the MX records for the new names and the A record for the old address.
- Wait a few hours and remove the A records for the new names.
This should be completely transparent to your users. Any problems you encounter should be restricted to servers which are non-compliant with standards.
You can use the double A record technique for other services, but there will be delays when clients try the address which isn't responding and wait for it to time out.
answered Jul 24, 2011 at 17:59
BillThor
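As an added example (not code from any of the answers above), the TTL timing and the pre-cutover record checks described in these answers can be worked through in Python. The zone snapshot, host names, documentation-range addresses and function names are all constructed for illustration, and the timing bound only holds for resolvers that honour the TTL.

```python
from datetime import datetime, timedelta

def stale_until(ttl_lowered_at, old_ttl, cutover_at, new_ttl):
    """Latest moment a TTL-honouring resolver can still hand out the old address.

    A resolver that cached the record just before the TTL was lowered keeps it
    for old_ttl seconds; one that cached it just before cutover keeps it for
    new_ttl seconds. The later of the two expiries bounds the stale window.
    """
    long_lived = ttl_lowered_at + timedelta(seconds=old_ttl)
    short_lived = cutover_at + timedelta(seconds=new_ttl)
    return max(long_lived, short_lived)

def precutover_problems(zone, mail_name, old_ip, new_ip):
    """Check the records the procedure wants in place before cutover."""
    problems = []
    addrs = set(zone["A"].get(mail_name, []))
    for ip in (old_ip, new_ip):
        if ip not in addrs:
            problems.append(f"A {mail_name} does not return {ip}")
        # Forward-confirmed rDNS: the PTR target must resolve back to the same IP.
        ptr = zone["PTR"].get(ip)
        if ptr is None:
            problems.append(f"no PTR for {ip}")
        elif ip not in zone["A"].get(ptr, []):
            problems.append(f"PTR {ip} -> {ptr} does not resolve back")
    for pref, target in zone["MX"]:
        if not zone["A"].get(target):
            problems.append(f"MX {pref} {target} has no A record")
    return problems

# Constructed zone snapshot (RFC 5737 documentation addresses, hypothetical names).
OLD_IP, NEW_IP = "192.0.2.10", "198.51.100.10"
ZONE = {
    "A": {"mail.example.com": [OLD_IP, NEW_IP],
          "mail-old.example.com": [OLD_IP],
          "mail-new.example.com": [NEW_IP]},
    "MX": [(10, "mail.example.com"), (20, "mail-old.example.com"),
           (30, "mail-new.example.com")],
    "PTR": {OLD_IP: "mail.example.com"},  # PTR for the new address not set yet
}

if __name__ == "__main__":
    print(precutover_problems(ZONE, "mail.example.com", OLD_IP, NEW_IP))
    print(stale_until(datetime(2011, 7, 23, 22), 86400, datetime(2011, 7, 24), 3600))
```

The second call shows why the TTL has to be lowered at least one old TTL ahead: lowering a 24-hour TTL only two hours before cutover leaves caches that may hold the old address for most of the following day.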